<?php
	/*
		Copyright (C) 2003-2004 MJG/04-Inconceivable.org
		See file LICENSE for licensing details.
		See file VERSION for versioning/author/source details
		See file CHANGELOG for changes from version to version
	*/

	// Include configuration data
	include("../global_config.inc.php");

	// Before requiring authentication, let's check their cookie,
	// they may already be auth'd and we can go immediately to the admin
	// Authenticate via cookie that may already be set
	if ( isset($_COOKIE['mcal_adm_auth']) )
	{
		// Authenticate via the set cookie from index.php
		if ( md5($CONF['adm_user'] . $CONF['adm_pass']) == $_COOKIE['mcal_adm_auth'] )
		{
			header("Location: admin.php?year=" . $FORM['year'] . "&month=" . $FORM['month'] . "&today=" . $FORM['today'] . "\n\n");
			exit(1);
		}
	}
	// Authenticate user if 'go' is 'auth'
	if ( isset($FORM['go']) && $FORM['go'] == "auth" )
	{
		if ( $FORM['user'] == $CONF['adm_user'] && $FORM['pass'] == $CONF['adm_pass'] )
		{
			// Set authed status
			$CONF['adm_authed'] = 1;
			// Set cookie with encrypted username and password
			setcookie("mcal_adm_auth", md5($FORM['user'] . $FORM['pass']), time()+$CONF['adm_authed_timeout']);
			// Redirect to admin section
			header("Location: " . $CONF['url_base'] . "/" . $CONF['url_admin'] . "/admin.php?year=" . $FORM['year'] . "&month=" . $FORM['month'] . "&today=" . $FORM['today'] . "\n\n");
		}
		else
		{
			// Kill their cookie just for fun
			setcookie("mcal_adm_auth", "", time()-1);
		}
	}
?>
<html>
	<head>
		<title>Schedule Administration Authentication || MCal</title>
		<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
		<style type="text/css">
<?php include($CONF['path_include'] . "/styles.css"); ?>
		</style>
		<script languaegt="javascript" type="text/javascript">
		<!--
			function onLoad( D )
			{
				D.frmLoginAdmin.user.focus();
			}
		-->
		</script>
	</head>
	<body bgcolor="#ffffff" onload="onLoad(document);">

		<!-- TABLE: centering -->
		<table width="100%" height="100%" align="center">
			<tr>
				<td width="100%" height="100%" align="center" valign="middle">

					<!-- TABLE: body-border -->
					<table align="center" cellspacing="0" cellpadding="1" bgcolor="#000000">
						<tr>
							<td width="100%" height="100%" align="center" valign="middle">

								<!-- TABLE: border -->
								<form method="post" action="" name="frmLoginAdmin">
								<input type="hidden" name="go" value="auth">
								<input type="hidden" name="year" value="<?php echo $FORM['year'] ?>">
								<input type="hidden" name="month" value="<?php echo $FORM['month'] ?>">
								<input type="hidden" name="today" value="<?php echo $FORM['today'] ?>">
								<table width="100%" height="100%" align="center" cellspacing="0" bgcolor="#FFFFFF">
									<tr>
										<td width="100%" align="center" colspan="2" bgcolor="#99CCFF" nowrap="nowrap" class="adm_auth">&nbsp;&nbsp;&nbsp;<b>Schedule Administration Authentication</b>&nbsp;&nbsp;&nbsp;</td>
									</tr>
<?php
	// If 'go' is 'auth' and failed to auth, print error
	if ( isset($FORM['go']) && $FORM['go'] == "auth" && $CONF['adm_authed'] == 0 )
	{
		echo "<tr>\n";
		echo "<td width='100%' align='center' colspan='2' class='small'><b>User or password incorrect.</td>\n";
		echo "</tr>\n";
	}
?>
									<tr>
										<td width="50%" align="right" class="normal"><b>User</b></td>
										<td width="50%"><input type="text" name="user" size="20" ></td>
									</tr>
									<tr>
										<td width="50%" align="right" class="normal"><b>Password</b></td>
										<td width="50%"><input type="password" name="pass" size="20"></td>
									</tr>
									<tr>
										<td width="100%" align="center" colspan="2" bgcolor="#99CCFF"><input type="submit" name="submit" value="Continue" size="20" style="width:150px;"></td>
									</tr>
								</table>
								</form>
								<!-- TABLE: border -->

							</td>
						</tr>
					</table>
					<!-- TABLE: body-border -->

<?php
	echo "<br /><center>";
	echo "<a href='http://www.inconceivable.org/projects/mcal'><font size='-2'>Powered by MCal " . $CONF['__version'] . "</font></a>";
	echo '<br />';
	echo '<a href="../appt.php?year=' . $FORM['year'] . '&month=' . $FORM['month'] . '&today=' . $FORM['today'] . '" style="font-size:10px;">MAIN</a>';
	echo "</center>";
?>


				</td>
			</tr>
		</table>
		<!-- TABLE: centering -->

	</body>
</html>
